jiazhizhong/certimate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: modify directory structure

Browse Source
This commit is contained in:
Fu Diwei
2025-06-17 14:01:34 +08:00
parent 299a722aa9
commit 30840bbba5
346 changed files with 5051 additions and 5086 deletions
Download Patch File Download Diff File Expand all files Collapse all files

122
internal/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve.go Normal file
View File

@@ -0,0 +1,122 @@
package proxmoxve
import (
"context"
"crypto/tls"
"errors"
"fmt"
"log/slog"
"net/http"
"net/url"
"strings"
"github.com/luthermonson/go-proxmox"
"github.com/usual2970/certimate/internal/pkg/core"
xhttp "github.com/usual2970/certimate/internal/pkg/utils/http"
)
type SSLDeployerProviderConfig struct {
// Proxmox VE 服务地址。
ServerUrl string `json:"serverUrl"`
// Proxmox VE API Token。
ApiToken string `json:"apiToken"`
// Proxmox VE API Token Secret。
ApiTokenSecret string `json:"apiTokenSecret,omitempty"`
// 是否允许不安全的连接。
AllowInsecureConnections bool `json:"allowInsecureConnections,omitempty"`
// 集群节点名称。
NodeName string `json:"nodeName"`
// 是否自动重启。
AutoRestart bool `json:"autoRestart"`
}
type SSLDeployerProvider struct {
config *SSLDeployerProviderConfig
logger *slog.Logger
sdkClient *proxmox.Client
}
var _ core.SSLDeployer = (*SSLDeployerProvider)(nil)
func NewSSLDeployerProvider(config *SSLDeployerProviderConfig) (*SSLDeployerProvider, error) {
if config == nil {
return nil, errors.New("the configuration of the ssl deployer provider is nil")
}
client, err := createSDKClient(config.ServerUrl, config.ApiToken, config.ApiTokenSecret, config.AllowInsecureConnections)
if err != nil {
return nil, fmt.Errorf("could not create sdk client: %w", err)
}
return &SSLDeployerProvider{
config: config,
logger: slog.Default(),
sdkClient: client,
}, nil
}
func (d *SSLDeployerProvider) SetLogger(logger *slog.Logger) {
if logger == nil {
d.logger = slog.New(slog.DiscardHandler)
} else {
d.logger = logger
}
}
func (d *SSLDeployerProvider) Deploy(ctx context.Context, certPEM string, privkeyPEM string) (*core.SSLDeployResult, error) {
if d.config.NodeName == "" {
return nil, errors.New("config `nodeName` is required")
}
// 获取节点信息
// REF: https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}
node, err := d.sdkClient.Node(context.TODO(), d.config.NodeName)
if err != nil {
return nil, fmt.Errorf("failed to get node '%s': %w", d.config.NodeName, err)
}
// 上传自定义证书
// REF: https://pve.proxmox.com/pve-docs/api-viewer/index.html#/nodes/{node}/certificates/custom
err = node.UploadCustomCertificate(context.TODO(), &proxmox.CustomCertificate{
Certificates: certPEM,
Key: privkeyPEM,
Force: true,
Restart: d.config.AutoRestart,
})
if err != nil {
return nil, fmt.Errorf("failed to upload custom certificate to node '%s': %w", node.Name, err)
}
return &core.SSLDeployResult{}, nil
}
func createSDKClient(serverUrl, apiToken, apiTokenSecret string, skipTlsVerify bool) (*proxmox.Client, error) {
if _, err := url.Parse(serverUrl); err != nil {
return nil, errors.New("invalid pve server url")
}
if apiToken == "" {
return nil, errors.New("invalid pve api token")
}
httpClient := &http.Client{
Transport: xhttp.NewDefaultTransport(),
Timeout: http.DefaultClient.Timeout,
}
if skipTlsVerify {
transport := xhttp.NewDefaultTransport()
if transport.TLSClientConfig == nil {
transport.TLSClientConfig = &tls.Config{}
}
transport.TLSClientConfig.InsecureSkipVerify = true
httpClient.Transport = transport
}
client := proxmox.NewClient(
strings.TrimRight(serverUrl, "/")+"/api2/json",
proxmox.WithHTTPClient(httpClient),
proxmox.WithAPIToken(apiToken, apiTokenSecret),
)
return client, nil
}

82
internal/pkg/core/ssl-deployer/providers/proxmoxve/proxmoxve_test.go Normal file
View File

@@ -0,0 +1,82 @@
package proxmoxve_test
import (
"context"
"flag"
"fmt"
"os"
"strings"
"testing"
provider "github.com/usual2970/certimate/internal/pkg/core/ssl-deployer/providers/proxmoxve"
)
var (
fInputCertPath string
fInputKeyPath string
fServerUrl string
fApiToken string
fApiTokenSecret string
fNodeName string
)
func init() {
argsPrefix := "CERTIMATE_SSLDEPLOYER_PROXMOXVE_"
flag.StringVar(&fInputCertPath, argsPrefix+"INPUTCERTPATH", "", "")
flag.StringVar(&fInputKeyPath, argsPrefix+"INPUTKEYPATH", "", "")
flag.StringVar(&fServerUrl, argsPrefix+"SERVERURL", "", "")
flag.StringVar(&fApiToken, argsPrefix+"APITOKEN", "", "")
flag.StringVar(&fApiTokenSecret, argsPrefix+"APITOKENSECRET", "", "")
flag.StringVar(&fNodeName, argsPrefix+"NODENAME", "", "")
}
/*
Shell command to run this test:
go test -v ./proxmoxve_test.go -args \
--CERTIMATE_SSLDEPLOYER_PROXMOXVE_INPUTCERTPATH="/path/to/your-input-cert.pem" \
--CERTIMATE_SSLDEPLOYER_PROXMOXVE_INPUTKEYPATH="/path/to/your-input-key.pem" \
--CERTIMATE_SSLDEPLOYER_PROXMOXVE_SERVERURL="http://127.0.0.1:8006" \
--CERTIMATE_SSLDEPLOYER_PROXMOXVE_APITOKEN="your-api-token" \
--CERTIMATE_SSLDEPLOYER_PROXMOXVE_APITOKENSECRET="your-api-token-secret" \
--CERTIMATE_SSLDEPLOYER_PROXMOXVE_NODENAME="your-cluster-node-name"
*/
func TestDeploy(t *testing.T) {
flag.Parse()
t.Run("Deploy", func(t *testing.T) {
t.Log(strings.Join([]string{
"args:",
fmt.Sprintf("INPUTCERTPATH: %v", fInputCertPath),
fmt.Sprintf("INPUTKEYPATH: %v", fInputKeyPath),
fmt.Sprintf("SERVERURL: %v", fServerUrl),
fmt.Sprintf("APITOKEN: %v", fApiToken),
fmt.Sprintf("APITOKENSECRET: %v", fApiTokenSecret),
fmt.Sprintf("NODENAME: %v", fNodeName),
}, "\n"))
deployer, err := provider.NewSSLDeployerProvider(&provider.SSLDeployerProviderConfig{
ServerUrl: fServerUrl,
ApiToken: fApiToken,
ApiTokenSecret: fApiTokenSecret,
AllowInsecureConnections: true,
NodeName: fNodeName,
AutoRestart: true,
})
if err != nil {
t.Errorf("err: %+v", err)
return
}
fInputCertData, _ := os.ReadFile(fInputCertPath)
fInputKeyData, _ := os.ReadFile(fInputKeyPath)
res, err := deployer.Deploy(context.Background(), string(fInputCertData), string(fInputKeyData))
if err != nil {
t.Errorf("err: %+v", err)
return
}
t.Logf("ok: %v", res)
})
}